- beautify comments

2024-06-02 12:30:18 -07:00 · 2024-06-02 12:30:18 -07:00 · 6bc9bbbf50
commit 6bc9bbbf50
parent 021b4c42b6
7 changed files with 78 additions and 190 deletions
--- a/go_client/tests/secret_test.go
+++ b/go_client/tests/secret_test.go
@ -41,7 +41,6 @@ func TestMain(m *testing.M) {
 }
 // https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#create-update-secret
 // @Philip der Path steht in der KvV2Write Methode
 func TestWriteSecret(t *testing.T) {
 	// Path foo
 	_, err := client.Secrets.KvV2Write(ctx, "foo", schema.KvV2WriteRequest{
@ -98,16 +97,8 @@ func TestWriteSecret2(t *testing.T) {
 	log.Println("kv2: Tried to write Secret at foo at mountpath: ", mountpath2)
 }
 // func TestDeleteSecret(t *testing.T) {
 // 	_, err := client.Secrets.KvV2Delete(ctx, "foo") // currently disregarding modifier options
 // 	if err != nil {
 // 		log.Fatal("kv2: Failed to delete secret:\n\t", err)
 // 	}
 // }
 func TestReadSecret(t *testing.T) {
 	_, err := client.Secrets.KvV2Read(ctx, "bar")
 	if err != nil {
 		log.Fatal("kv2: Failed to read secret:\n\t", err)
 	}
--- a/src/engines/kv.rs
+++ b/src/engines/kv.rs
@ -1,7 +1,4 @@
-// TODO: Remove
+// pub mod logic;
 #![allow(dead_code)]
 // pub mod logic; // TODO: Remove or correct errors
 pub mod db_structs;
 pub mod http_structs;
@ -64,7 +61,7 @@ async fn get_data(
        Ok(v) => {
            let version: i64 = v.get("version_number");
            let secret_content: HashMap<String, String> = HashMap::from([
-                // TODO: use sqlx to parse the row to a struct, do not do it manually
+                // Consider using sqlx to parse the row to a struct, do not do it manually
                ("secret_data".to_string(), v.get("secret_data")),
                ("created_time".to_string(), v.get("created_time")),
                ("deletion_time".to_string(), v.get("deletion_time")),
@ -80,7 +77,7 @@ async fn get_data(
                .unwrap_or_default()
                .to_utc(), // TODO
                custom_metadata: None,
-                deletion_time: None, // TODO
+                deletion_time: None,
                destroyed: false,
                version: version,
            });
@ -93,7 +90,7 @@ async fn get_data(
                error!("{:?}", e);
                let error_struct: ErrorStruct = ErrorStruct { err: e.to_string() };
                error!("{:?}", error_struct.err);
-                Ok(error_struct.into_response()) // TODO: API doesn't specify return value in case of error. Error struct correct? Else send empty secret back?
+                Ok(error_struct.into_response()) // API doesn't specify return value in case of error. Error struct correct? Else send empty secret back?
                                                 // let error_secret = KvSecretRes{data: None, options: None};
                                                 // Ok(Json())
            }
@ -108,6 +105,7 @@ async fn post_data(
    extract::Json(payload): extract::Json<KvSecretReq>,
 ) -> Result<impl IntoResponse, Infallible> {
    // Insert Metadata first -> Else: Error because of foreign key constraint
    // In a later implementation, a Metadata with default values from the config will be created 
    log::debug!(
        "Secret: {}, Content: {:?}, Version: {:?}, path: {}",
@ -154,15 +152,6 @@ async fn post_data(
        Ok(v) => {
            info!("{:?}", v);
            // match sqlx::query("SELECT custom_data FROM metadata where path = $1").bind(&path).fetch_one(&pool).await{
            //     Ok(v)=> {
            //         // let meta = v.get("custom_data"); // TODO: get metadata from query
            //     }
            //     Err(e) => {
            //         panic!("Couldn't find metadata");
            //     }
            // }
            let return_struct = KvSecretResData {
                created_time: created_time,
                custom_metadata: None,
@ -179,33 +168,6 @@ async fn post_data(
    }
 }
 /* mock for return
 async fn post_data(
    Path(kv_path): Path<String>,
    Extension(mount_path): Extension<String>,
    Json(body): Json<KvSecretReq>,
 ) -> Json<KvSecretRes> {
    trace!(
        "Secret: {}, Content: {:#?}, path: {}",
        kv_path,
        body.data,
        // body.version.unwrap_or(0),
        mount_path,
    );
    let res = KvSecretRes {
        data: KvSecretResData {
            created_time: chrono::Utc::now(),
            custom_metadata: None,
            deletion_time: None,
            destroyed: false,
            version: 1,
        },
    };
    Json(res)
 } */
 /// TODO: soft delete the secret version at path. can be undone with undelete_secret
 // https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#delete-latest-version-of-secret
 // https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#delete-secret-versions
@ -255,9 +217,6 @@ async fn destroy_path(
            }
        }
    }
    // check if all are gone
    Ok(StatusCode::NO_CONTENT)
 }
@ -319,11 +278,11 @@ async fn get_meta(
                    };
                    if metadata_res.data.current_version < curr_num {
-                        // should be the max of the available version numbers
+                        // the max of the available version numbers
                        metadata_res.data.current_version = curr_num;
                    }
                    if metadata_res.data.oldest_version > curr_num {
-                        // should be the min of the available version numbers
+                        // the min of the available version numbers
                        metadata_res.data.oldest_version = curr_num;
                    }
@ -353,7 +312,7 @@ async fn get_meta(
    Ok((StatusCode::OK, Json(metadata_res)).into_response())
 }
-// currently only writes the metadata - No case if already exists
+// currently only writes the metadata - Not case if already exists
 async fn post_meta(
    State(pool): State<DatabaseDriver>,
    Path(kv_path): Path<String>,
--- a/src/engines/kv/db_structs.rs
+++ b/src/engines/kv/db_structs.rs
@ -2,39 +2,20 @@ use chrono::{DateTime, Utc};
 use serde::Serialize;
 use sqlx::FromRow;
 // #[derive(Debug)]
 // #[deprecated(note = "Add Req or Res respecively if AND move to http file if intended; remove deprecation once used")]
 // pub struct SecretMeta {
 //     pub cas_required: bool,
 //     pub created_time: DateTime<Utc>,
 //     pub current_version: i64,
 //     /// In Hashicorp:
 //     /// If not set, the backend's configured delete_version_after is used.
 //     /// Cannot be greater than the backend's delete_version_after
 //     // TODO: implement duration type
 //     pub delete_version_after: String,
 //     // TODO https://developer.hashicorp.com/vault/docs/concepts/duration-format
 //     pub max_versions: i64,
 //     pub oldest_version: i64,
 //     pub updated_time: DateTime<Utc>,
 //     /// User-provided key-value pairs that are used to describe arbitrary and version-agnostic information about a secret.
 //     pub custom_metadata: Option<HashMap<String, String>>,
 //     pub versions: Vec<VersionMeta>,
 // }
 #[derive(FromRow)]
 #[derive(Debug)]
 pub struct DbSecretMeta {
    pub secret_path: String,
    pub cas_required: bool,
    pub created_time: DateTime<Utc>,
-    // Consider: implement duration type
+    // Consider implementation of duration type for further development:
    // https://developer.hashicorp.com/vault/docs/concepts/duration-format
    /// In Hashicorp:
    /// If not set, the backend's configured delete_version_after is used.
    /// Cannot be greater than the backend's delete_version_after
    pub delete_version_after: Option<String>,
    ///In Hashicorp:
    /// The number of versions to keep per key.
    /// If not set, the backend’s configured max version is used.
@ -45,12 +26,6 @@ pub struct DbSecretMeta {
    /// User-provided key-value pairs that are used to describe arbitrary and version-agnostic information about a secret.
    pub custom_data: Option<String>,
    // TODO: AS HASHMAP
    // pub custom_data: Option<HashMap<String, String>>,
    // pub current_version: i64,
    // pub oldest_version: i64,
 }
 #[derive(Serialize,Debug, FromRow)]
--- a/src/engines/kv/http_structs.rs
+++ b/src/engines/kv/http_structs.rs
@ -21,7 +21,6 @@ pub struct KvSecretReq {
    pub options: Option<HashMap<String, String>>,
    // Version does not exist for create/update operations
    // pub version: Option<i64>,
    // TODO add all fields
 }
 #[derive(Serialize, Debug)]
@ -113,20 +112,9 @@ pub struct KvMetaResData {
    pub updated_time: DateTime<Utc>,
    pub custom_metadata: Option<HashMap<String, String>>,
    pub versions: HashMap<i64, KvMetaResVersionData>,
-    // the key to a version is the version number
+    // here, the key to a version is the version number
 }
 // Example
 // {
 //     "max_versions": 5,
 //     "cas_required": false,
 //     "delete_version_after": "3h25m19s",
 //     "custom_metadata": {
 //       "foo": "abc",
 //       "bar": "123",
 //       "baz": "5c07d823-3810-48f6-a147-4c06b5219e84"
 //     }
 //   }
 #[derive(Serialize, Debug, Deserialize)]
 /// HTTP Request to post metadatas
 pub struct KvMetaReq {
--- a/src/engines/kv/logic.rs
+++ b/src/engines/kv/logic.rs
@ -2,33 +2,7 @@ use serde_json::Value;
 use super::{db_structs::SecretMeta, http_structs::*};
-// TODO create default function
+// Consider leaving this here - JSON merge patch is also used in the official implementation
 #[deprecated(note = "Use Axum functionality with structs instead, also, this should be inlined if it is actually needed")]
 /// serialize secret to JSON String
 pub fn serialize_secret_json(secret: &KvSecretReq) -> Result<String, serde_json::Error> {
    todo!()
    // serde_json::to_string(&secret)
 }
 #[deprecated(note = "Use Axum functionality with structs instead, also, this should be inlined if it is actually needed")]
 /// deserialize JSON String to secret
 pub fn deserialize_secret_struct(raw: &String) -> Result<KvSecretReq, serde_json::Error> {
    serde_json::from_str(raw)
 }
 #[deprecated(note = "Use Axum functionality with structs instead, also, this should be inlined if it is actually needed")]
 /// serialize metadata to JSON String
 pub fn serialize_metadata_json(secret: &SecretMeta) -> Result<String, serde_json::Error> {
    serde_json::to_string(&secret)
 }
 #[deprecated(note = "Use Axum functionality with structs instead, also, this should be inlined if it is actually needed")]
 /// deserialize JSON String to metadata
 pub fn deserialize_metadata_struct(raw: &String) -> Result<SecretMeta, serde_json::Error> {
    serde_json::from_str(raw)
 }
 #[deprecated(note = "Propably not needed (remove deprecation if actually needed)")]
 /// Consider:
 /// Instead of patching JSON, we should apply the modified fields directly to the database
--- a/src/engines/kv/tests.rs
+++ b/src/engines/kv/tests.rs
@ -1,66 +1,68 @@
-use std::collections::HashMap;
+// This file is deprecated. Currently, all tests are in written in go.
-use chrono::Utc;
+// use std::collections::HashMap;
 use tests::{
    logic::patch_metadata,
    structs::{SecretMeta, VersionMeta},
 };
-use super::*;
+// use chrono::Utc;
 // use tests::{
 //     logic::patch_metadata,
 //     structs::{SecretMeta, VersionMeta},
 // };
-#[test]
+// use super::*;
 #[cfg(target_feature = "_disabled")]
 fn print_serialized_test() {
    let temp_secret = TempSecret {
        content: String::from("Hallo"),
        version: 12,
    };
    let serialized = serialize_secret_json(&temp_secret);
    println!("string serialized: {:?}", serialized);
    let deserialized = deserialize_secret_struct(&serialized.unwrap());
    println!(
        "Struct field from deserialized: {}",
        deserialized.unwrap().content
    )
 }
 #[test]
 #[cfg(target_feature = "_disabled")]
 fn test_patching() {
    // TODO add more assertions
    let mut base = create_mock_meta();
    println!("OLD metadata: {:?}", base);
    let overwrite: SecretMeta = SecretMeta {
        max_versions: 10,
        versions: vec![VersionMeta {
            created_time: Utc::now(),
            deletion_time: Some(Utc::now()),
            destroyed: true,
        }],
        cas_required: true,
        delete_version_after: "10m".to_string(),
        current_version: 4,
        oldest_version: 2,
        updated_time: Utc::now(),
        created_time: Utc::now(),
        custom_metadata: Some(HashMap::new()),
    };
    let mut patched: Option<SecretMeta> = None; // Laurenz here
    match patch_metadata(&mut base, &overwrite) {
        Ok(meta) => {
            println!("NEW metadata: {:?}", meta);
            println!("patched successfully");
            patched = Some(meta);
        }
        Err(e) => {
            log::error!("error patching metadata: {}", e);
            panic!("Patching failed");
        }
    }
-    if let Some(patched_meta) = patched {
+// #[test]
-        assert!(patched_meta.current_version == 4);
+// #[cfg(target_feature = "_disabled")]
-        assert!(patched_meta.versions[0].destroyed == true);
+// fn print_serialized_test() {
-    } else {
+//     let temp_secret = TempSecret {
-        panic!("patched was not initialized");
+//         content: String::from("Hallo"),
-    }
+//         version: 12,
-}
+//     };
 //     let serialized = serialize_secret_json(&temp_secret);
 //     println!("string serialized: {:?}", serialized);
 //     let deserialized = deserialize_secret_struct(&serialized.unwrap());
 //     println!(
 //         "Struct field from deserialized: {}",
 //         deserialized.unwrap().content
 //     )
 // }
 // #[test]
 // #[cfg(target_feature = "_disabled")]
 // fn test_patching() {
 //     // TODO add more assertions
 //     let mut base = create_mock_meta();
 //     println!("OLD metadata: {:?}", base);
 //     let overwrite: SecretMeta = SecretMeta {
 //         max_versions: 10,
 //         versions: vec![VersionMeta {
 //             created_time: Utc::now(),
 //             deletion_time: Some(Utc::now()),
 //             destroyed: true,
 //         }],
 //         cas_required: true,
 //         delete_version_after: "10m".to_string(),
 //         current_version: 4,
 //         oldest_version: 2,
 //         updated_time: Utc::now(),
 //         created_time: Utc::now(),
 //         custom_metadata: Some(HashMap::new()),
 //     };
 //     let mut patched: Option<SecretMeta> = None;
 //     match patch_metadata(&mut base, &overwrite) {
 //         Ok(meta) => {
 //             println!("NEW metadata: {:?}", meta);
 //             println!("patched successfully");
 //             patched = Some(meta);
 //         }
 //         Err(e) => {
 //             log::error!("error patching metadata: {}", e);
 //             panic!("Patching failed");
 //         }
 //     }
 //     if let Some(patched_meta) = patched {
 //         assert!(patched_meta.current_version == 4);
 //         assert!(patched_meta.versions[0].destroyed == true);
 //     } else {
 //         panic!("patched was not initialized");
 //     }
 // }
--- a/src/main.rs
+++ b/src/main.rs
@ -24,10 +24,9 @@ mod sys;
 async fn main() {
    // To be configured via environment variables
    // choose from (highest to lowest): error, warn, info, debug, trace, off
-    env::set_var("RUST_LOG", "trace"); // TODO: Remove to respect user configuration
+    env::set_var("RUST_LOG", "trace");
-    // env::set_var("DATABASE_URL", "sqlite:test.db"); // TODO: move to .env
+    // env::set_var("DATABASE_URL", "sqlite:test.db"); // Format for the env var config. Consider moving to an .env file
    env_logger::init();
    // Listen on all IPv4 and IPv6 interfaces on port 8200 by default
    let listen_addr = env::var("LISTEN_ADDR").unwrap_or("[::]:8200".to_string()); // Do not change
    let listen_addr = SocketAddr::from_str(&listen_addr).expect("Failed to parse LISTEN_ADDR");